gems-kernel/source/THIRDPARTY/xnu/bsd/sys/persona.h

513 lines
14 KiB
C
Raw Normal View History

2024-06-03 11:29:39 -05:00
/*
* Copyright (c) 2015 Apple Inc. All rights reserved.
*
* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
*
* This file contains Original Code and/or Modifications of Original Code
* as defined in and that are subject to the Apple Public Source License
* Version 2.0 (the 'License'). You may not use this file except in
* compliance with the License. The rights granted to you under the License
* may not be used to create, or enable the creation or redistribution of,
* unlawful or unlicensed copies of an Apple operating system, or to
* circumvent, violate, or enable the circumvention or violation of, any
* terms of an Apple operating system software license agreement.
*
* Please obtain a copy of the License at
* http://www.opensource.apple.com/apsl/ and read it before using this file.
*
* The Original Code and all software distributed under the License are
* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
* Please see the License for the specific language governing rights and
* limitations under the License.
*
* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
*/
#ifndef _SYS_PERSONA_H_
#define _SYS_PERSONA_H_
#ifdef PRIVATE
#include <sys/param.h>
#ifdef KERNEL
__enum_decl(persona_type_t, int, {
#else /* !KERNEL */
enum {
#endif /* KERNEL */
PERSONA_INVALID = 0,
PERSONA_GUEST = 1,
PERSONA_MANAGED = 2,
PERSONA_PRIV = 3,
PERSONA_SYSTEM = 4,
PERSONA_DEFAULT = 5,
PERSONA_SYSTEM_PROXY = 6,
PERSONA_SYS_EXT = 7,
PERSONA_ENTERPRISE = 8,
PERSONA_TYPE_MAX = PERSONA_ENTERPRISE,
#ifdef KERNEL
});
#else /* !KERNEL */
};
#endif /* KERNEL */
#define PERSONA_ID_NONE ((uid_t)-1)
struct kpersona_info {
/* v1 fields */
uint32_t persona_info_version;
uid_t persona_id;
int persona_type;
gid_t persona_gid; /* unused */
uint32_t persona_ngroups; /* unused */
gid_t persona_groups[NGROUPS]; /* unused */
uid_t persona_gmuid; /* unused */
char persona_name[MAXLOGNAME + 1];
/* v2 fields */
uid_t persona_uid;
} __attribute__((packed));
#define PERSONA_INFO_V1 1
#define PERSONA_INFO_V2 2
// Userspace and the kernel must see the same struct layout. Assert that in
// either case sizeof() is equal to the same pre-determined value.
_Static_assert(sizeof(struct kpersona_info) == 348, "sizeof(kpersona_info) == 348");
#define PERSONA_OP_ALLOC 1
#define PERSONA_OP_PALLOC 2
#define PERSONA_OP_DEALLOC 3
#define PERSONA_OP_GET 4
#define PERSONA_OP_INFO 5
#define PERSONA_OP_PIDINFO 6
#define PERSONA_OP_FIND 7
#define PERSONA_OP_GETPATH 8
#define PERSONA_OP_FIND_BY_TYPE 9
#define PERSONA_MGMT_ENTITLEMENT "com.apple.private.persona-mgmt"
#ifndef KERNEL
/*
* user space persona interface
*/
/*
* kpersona_alloc: Allocate a new in-kernel persona
*
* Parameters:
* info: Pointer to persona info structure describing the
* attributes of the persona to create / allocate.
*
* id: output: set to the ID of the created persona
*
* Note:
* The 'persona_id' field of the 'info' parameter is ignored.
*
* Return:
* != 0: ERROR
* == 0: Success
*/
int kpersona_alloc(struct kpersona_info *info, uid_t *id);
/*
* kpersona_palloc: Allocate a new in-kernel persona with a directory
* pathname
*
* Parameters:
* info: Pointer to persona info structure describing the
* attributes of the persona to create / allocate.
*
* path: Pointer to directory name that stores persona specific
* data. Assumes path buffer length = MAXPATHLEN and is a
* null-terminated string.
*
* id: output: set to the ID of the created persona
*
* Note:
* The 'persona_id' field of the 'info' parameter is ignored.
*
* Return:
* != 0: ERROR
* == 0: Success
*/
int kpersona_palloc(struct kpersona_info *info, uid_t *id, char path[MAXPATHLEN]);
/*
* kpersona_dealloc: delete / destroy an in-kernel persona
*
* Parameters:
* id: the ID of the persona to destroy
*
* Return:
* < 0: ERROR
* 0: Success
*/
int kpersona_dealloc(uid_t id);
/*
* kpersona_get: retrieve the persona with which the current thread is running
*
* To find the proc's persona id use kpersona_pidinfo
*
* Parameters:
* id: output: will be filled with the persona id from the voucher adopted
* on the current thread. If that voucher contains no persona information
* or there is no such voucher, then it defaults to the proc's persona id.
*
* Return:
* < 0: Thread is not running under any persona
* 0: Success (uuid is filled with running persona UUID)
*/
int kpersona_get(uid_t *id);
/*
* kpersona_get_path: retrieve the given persona's path
*
* Parameters:
* id: ID of the persona
*
* path: output: filled in with path on success.
* Assumes path buffer length = MAXPATHLEN
*
* Return:
* < 0: Error
* 0: Success
*/
int kpersona_getpath(uid_t id, char path[MAXPATHLEN]);
/*
* kpersona_info: gather info about the given persona
*
* Parameters:
* id: ID of the persona to investigate
* If set to 0, it uses persona id from the voucher adopted on the current
* thread. If that voucher contains no persona information or there is no
* such voucher, then it defaults to the proc's persona id.
*
* info: output: filled in with persona attributes on success.
*
* Return:
* < 0: ERROR
* 0: Success
*/
int kpersona_info(uid_t id, struct kpersona_info *info);
/*
* kpersona_pidinfo: gather persona info about the given PID
*
* Parameters:
* pid: PID of the process whose persona info we're to return
*
* info: output: filled in with persona attributes on success.
*
* Return:
* < 0: ERROR
* 0: Success
*/
int kpersona_pidinfo(pid_t pid, struct kpersona_info *info);
/*
* kpersona_find: lookup the kernel's UUID of a persona
*
* Parameters:
* name: Local login name of the persona.
* Set this to NULL to find personas by 'uid'.
*
* uid: UID of the persona.
* Set this to -1 to find personas by 'name'
*
* id: output: the ID(s) matching the input parameters
* This can be NULL
*
* idlen: input - size of 'id' buffer (in number of IDs)
* output - the total required size of the 'id' buffer
* (in number of IDs) - may be larger than input size
* Note:
* At least one of 'name' or 'uid' must be set.
*
* Return:
* < 0: ERROR
* >= 0: Output value of idlen - may be larger than input size
*/
int kpersona_find(const char *name, uid_t uid, uid_t *id, size_t *idlen);
/*
* kpersona_find_by_type: lookup the persona ids by type
*
* Parameters:
* persona_type: Type of persona id (see enum)
*
* id: output: the ID(s) matching the input parameters
* This can be NULL
*
* idlen: input - size of 'id' buffer (in number of IDs)
* output - the total required size of the 'id' buffer
* (in number of IDs) - may be larger than input size
* Return:
* < 0: ERROR
* >= 0: Output value of idlen - may be larger than input size
*/
int kpersona_find_by_type(int persona_type, uid_t *id, size_t *idlen);
#endif /* !KERNEL */
#ifdef KERNEL_PRIVATE
/* XNU + kext private interface */
#include <sys/cdefs.h>
#include <sys/kauth.h>
#include <libkern/libkern.h>
#include <os/refcnt.h>
#ifdef PERSONA_DEBUG
#include <os/log.h>
#define persona_dbg(fmt, ...) \
os_log(OS_LOG_DEFAULT, "[%4d] %s: " fmt "\n", \
current_proc() ? proc_getpid(current_proc()) : -1, \
__func__, ## __VA_ARGS__)
#else
#define persona_dbg(fmt, ...) do { } while (0)
#endif
/*
* Persona
*/
#ifdef XNU_KERNEL_PRIVATE
/* only XNU proper needs to see the persona structure */
struct persona {
os_refcnt_t pna_refcount;
int32_t pna_valid;
uid_t pna_id;
persona_type_t pna_type;
char pna_login[MAXLOGNAME + 1];
char *pna_path;
uid_t pna_uid;
LIST_ENTRY(persona) pna_list;
/* this could go away if we used a coalition */
LIST_HEAD(, proc) pna_members;
lck_mtx_t pna_lock;
/*
* We can add things here such as PID maps, UID maps, etc.
*/
#ifdef PERSONA_DEBUG
char pna_desc[128];
#endif
};
#define persona_lock(persona) lck_mtx_lock(&(persona)->pna_lock)
#define persona_unlock(persona) lck_mtx_unlock(&(persona)->pna_lock)
#define persona_try_lock(persona) lck_mtx_try_lock(&(persona)->pna_lock)
#define persona_lock_assert_held(persona) \
LCK_MTX_ASSERT(&(persona)->pna_lock, LCK_MTX_ASSERT_OWNED)
#ifdef PERSONA_DEBUG
static inline const char *
persona_desc(struct persona *persona, int locked)
{
if (!persona) {
return "<none>";
}
if (persona->pna_desc[0] != 0) {
return persona->pna_desc;
}
if (!locked) {
persona_lock(persona);
}
if (persona->pna_desc[0] != 0) {
goto out_unlock;
}
char *p = &persona->pna_desc[0];
char *end = p + sizeof(persona->pna_desc) - 1;
*end = 0;
p += scnprintf(p, end - p, "%s/%d",
persona->pna_login,
persona->pna_id);
if (p <= end) {
*p = 0;
}
out_unlock:
if (!locked) {
persona_unlock(persona);
}
return persona->pna_desc;
}
#else /* !PERSONA_DEBUG */
static inline const char *
persona_desc(struct persona *persona, int locked)
{
(void)persona;
(void)locked;
return "<persona>";
}
#endif
#else /* !XNU_KERNEL_PRIVATE */
/* kexts should only see an opaque persona structure */
struct persona;
#endif
__BEGIN_DECLS
#ifndef _KAUTH_CRED_T
#define _KAUTH_CRED_T
typedef struct ucred *kauth_cred_t;
#endif /* !_KAUTH_CRED_T */
/* returns the persona ID for the given pesona structure */
uid_t persona_get_id(struct persona *persona);
/* returns the persona UID for the given pesona structure */
uid_t persona_get_uid(struct persona *persona);
/* returns the type of the persona (see enum above: PERSONA_GUEST, etc.) */
int persona_get_type(struct persona *persona);
/* returns a reference that must be released with persona_put() */
struct persona *persona_lookup(uid_t id);
/*
* Search for personas based on name or uid
*
* Parameters:
* name: Local login name of the persona.
* Set this to NULL to find personas by 'uid'.
*
* uid: UID of the persona.
* Set this to -1 to find personas by 'name'
*
* persona: output - array of persona pointers. Each non-NULL value
* must* be released with persona_put. This can be NULL.
*
* plen: input - size of 'persona' buffer (in number of pointers)
* output - the total required size of the 'persona' buffer (could be larger than input value)
*
* Return:
* 0: Success
* != 0: failure (BSD errno value ESRCH or EINVAL)
*/
int persona_find(const char *login, uid_t uid,
struct persona **persona, size_t *plen);
/* returns a reference that must be released with persona_put() */
struct persona *persona_proc_get(pid_t pid);
/* returns the persona id tied to the current thread (also uses adopted voucher) */
uid_t current_persona_get_id(void);
/* returns a reference to the persona tied to the current thread (also uses adopted voucher) */
struct persona *current_persona_get(void);
/* get a reference to a persona structure */
struct persona *persona_get(struct persona *persona);
/* returns a reference to proc's persona that must be released with persona_put() */
struct persona *proc_persona_get(proc_t p);
/* release a reference to a persona structure */
void persona_put(struct persona *persona);
/*
* Search for personas of a given type, 'persona_type'.
*
* Parameters:
* persona_type: Type of persona (see enum)
*
* persona: output - array of persona pointers. Each non-NULL value
* must* be released with persona_put. This can be NULL.
*
* plen: input - size of 'persona' buffer (in number of pointers)
* output - the total required size of the 'persona' buffer (could be larger than input value)
*
* Return:
* 0: Success
* != 0: failure (BSD errno value ESRCH or EINVAL)
*/
int persona_find_by_type(persona_type_t persona_type, struct persona **persona,
size_t *plen);
boolean_t persona_is_adoption_allowed(struct persona *persona);
#ifdef XNU_KERNEL_PRIVATE
#if CONFIG_PERSONAS
#include <sys/proc_internal.h>
/*
* In-kernel persona API
*/
extern const uint32_t g_max_personas;
struct persona *persona_alloc(uid_t id, const char *login,
persona_type_t type, char *path, uid_t uid, int *error);
int persona_init_begin(struct persona *persona);
void persona_init_end(struct persona *persona, int error);
struct persona *persona_lookup_and_invalidate(uid_t id);
static inline int
proc_has_persona(proc_t p)
{
if (p && p->p_persona) {
return 1;
}
return 0;
}
static inline uid_t
persona_id_from_proc(proc_t p)
{
if (p && p->p_persona) {
return p->p_persona->pna_id;
}
return PERSONA_ID_NONE;
}
/* consumes persona */
int persona_proc_adopt(proc_t p, struct persona *persona, kauth_cred_derive_t fn);
int persona_proc_drop(proc_t p);
/* returns a reference that must be released with persona_put() */
struct persona *persona_proc_get(pid_t pid);
int persona_find_all(const char *login, uid_t uid, persona_type_t persona_type,
struct persona **persona, size_t *plen);
#else /* !CONFIG_PERSONAS */
static inline int
proc_has_persona(__unused proc_t p)
{
return 0;
}
static inline uid_t
persona_id_from_proc(__unused proc_t p)
{
return PERSONA_ID_NONE;
}
#endif /* CONFIG_PERSONAS */
#endif /* XNU_KERNEL_PRIVATE */
__END_DECLS
#endif /* KERNEL_PRIVATE */
#endif /* PRIVATE */
#endif /* _SYS_PERSONA_H_ */